diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 19f523c2..d4754aaa 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -10,7 +10,7 @@ on: jobs: cloc: name: CLOC - runs-on: ubuntu-latest + runs-on: ubuntu-20.04 steps: - name: Checkout repo uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f # v2.3.4 @@ -23,9 +23,10 @@ jobs: - name: Print lines of code run: cloc --include-lang TypeScript,JavaScript,HTML,Sass,CSS --vcs git + linux: name: Linux Build - runs-on: ubuntu-latest + runs-on: ubuntu-20.04 steps: - name: Checkout repo uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f # v2.3.4 @@ -115,18 +116,14 @@ jobs: path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x86_64.AppImage if-no-files-found: error + windows: name: Windows Build - runs-on: windows-latest + runs-on: windows-2019 steps: - name: Checkout repo uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f # v2.3.4 - - name: Set up dotnet - uses: actions/setup-dotnet@a71d1eb2c86af85faa8c772c03fb365e377e45ea # v1.8.0 - with: - dotnet-version: "3.1.x" - - name: Set up Node uses: actions/setup-node@46071b5c7a2e0c34e49c3cb8a0e792e86e18d5ea # v2.1.5 with: @@ -150,24 +147,7 @@ jobs: node-gyp install $(node -v) - name: Install AST - shell: pwsh - run: | - cd $HOME - - git clone https://github.com/vcsjones/AzureSignTool.git - cd AzureSignTool - $latest_head = $(git rev-parse HEAD)[0..9] -join "" - $latest_version = "0.0.0-g$latest_head" - - Write-Host "--------" - Write-Host "git commit - $(git rev-parse HEAD)" - Write-Host "latest_head - $latest_head" - Write-Host "PACKAGE VERSION TO BUILD - $latest_version" - Write-Host "--------" - - dotnet restore - dotnet pack --output ./nupkg - dotnet tool install --global --ignore-failed-sources --add-source ./nupkg --version $latest_version azuresigntool + uses: bitwarden/gh-actions/install-ast@f135c42c8596cb535c5bcb7523c0b2eef89709ac - name: Set up environment shell: pwsh @@ -267,7 +247,7 @@ jobs: macos-build: name: MacOS Build - runs-on: macos-latest + runs-on: macos-11 steps: - name: Checkout repo uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f # v2.3.4 @@ -368,7 +348,7 @@ jobs: macos-package-github: name: MacOS Package GitHub Release Assets - runs-on: macos-latest + runs-on: macos-11 needs: macos-build if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/rc' steps: @@ -498,7 +478,7 @@ jobs: macos-package-mas: name: MacOS Package Prod Release Asset - runs-on: macos-latest + runs-on: macos-11 needs: macos-build if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/rc' steps: @@ -624,7 +604,7 @@ jobs: macos-package-dev: name: MacOS Package Dev Release Asset if: false # We need to look into how code signing works for dev - runs-on: macos-latest + runs-on: macos-11 needs: macos-build steps: - name: Checkout repo diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 2d166027..9febedad 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -11,7 +11,7 @@ on: jobs: setup: name: Setup - runs-on: ubuntu-latest + runs-on: ubuntu-20.04 outputs: package_version: ${{ steps.create_tags.outputs.package_version }} tag_version: ${{ steps.create_tags.outputs.tag_version }} @@ -45,7 +45,7 @@ jobs: snap: name: Deploy Snap - runs-on: ubuntu-latest + runs-on: ubuntu-20.04 needs: setup env: _PKG_VERSION: ${{ needs.setup.outputs.package_version }} @@ -81,7 +81,7 @@ jobs: choco: name: Deploy Choco - runs-on: windows-latest + runs-on: windows-2019 needs: setup env: _PKG_VERSION: ${{ needs.setup.outputs.package_version }} @@ -124,7 +124,7 @@ jobs: macos: name: Deploy MacOS - runs-on: macos-latest + runs-on: macos-11 needs: setup env: _PKG_VERSION: ${{ needs.setup.outputs.package_version }} @@ -153,7 +153,7 @@ jobs: auto-updater-deploy: name: Release auto-updater files - runs-on: ubuntu-latest + runs-on: ubuntu-20.04 needs: - setup - snap @@ -178,7 +178,8 @@ jobs: #cat release.json RELEASE_UPLOAD_URL=$(cat release.json | jq -r ' .upload_url ' | cut -d { -f 1) - cat release.json | jq -rc ' .assets[] | select( .name | test("prerelease-latest.*[yml|json]")) | {name: .name, url: .url, content_type: .content_type}' > release_assets.jsonl + cat release.json \ + | jq -rc ' .assets[] | select( .name | test("prerelease-latest.*[yml|json]")) | {name: .name, url: .url, content_type: .content_type}' > release_assets.jsonl echo "=====ASSETS=====" echo Release Upload URL: $RELEASE_UPLOAD_URL diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 78874f2a..1ddff1cd 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -14,7 +14,7 @@ on: jobs: setup: name: Setup - runs-on: ubuntu-latest + runs-on: ubuntu-20.04 outputs: release_upload_url: ${{ steps.create_release.outputs.upload_url }} steps: @@ -62,7 +62,7 @@ jobs: linux: name: Linux - runs-on: ubuntu-latest + runs-on: ubuntu-20.04 needs: setup steps: - name: Checkout repo @@ -117,17 +117,12 @@ jobs: windows-signed: name: Windows Signed - runs-on: windows-latest + runs-on: windows-2019 needs: setup steps: - name: Checkout repo uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f # v2.3.4 - - name: Set up dotnet - uses: actions/setup-dotnet@a71d1eb2c86af85faa8c772c03fb365e377e45ea # v1.8.0 - with: - dotnet-version: "3.1.x" - - name: Set up Node uses: actions/setup-node@46071b5c7a2e0c34e49c3cb8a0e792e86e18d5ea # v2.1.5 with: @@ -151,24 +146,7 @@ jobs: node-gyp install $(node -v) - name: Install AST - shell: pwsh - run: | - cd $HOME - - git clone https://github.com/vcsjones/AzureSignTool.git - cd AzureSignTool - $latest_head = $(git rev-parse HEAD)[0..9] -join "" - $latest_version = "0.0.0-g$latest_head" - - Write-Host "--------" - Write-Host "git commit - $(git rev-parse HEAD)" - Write-Host "latest_head - $latest_head" - Write-Host "PACKAGE VERSION TO BUILD - $latest_version" - Write-Host "--------" - - dotnet restore - dotnet pack --output ./nupkg - dotnet tool install --global --ignore-failed-sources --add-source ./nupkg --version $latest_version azuresigntool + uses: bitwarden/gh-actions/install-ast@f135c42c8596cb535c5bcb7523c0b2eef89709ac - name: Set up environment shell: pwsh @@ -231,7 +209,7 @@ jobs: windows-store: name: Windows Store - runs-on: windows-latest + runs-on: windows-2019 needs: setup steps: - name: Checkout repo @@ -316,7 +294,7 @@ jobs: macos: name: MacOS - runs-on: macos-latest + runs-on: macos-11 needs: setup steps: - name: Checkout repo @@ -437,7 +415,7 @@ jobs: update-release-assets: name: Update Release Assets - runs-on: ubuntu-latest + runs-on: ubuntu-20.04 needs: - setup - linux diff --git a/sign.js b/sign.js index 9f8277c0..448ff705 100644 --- a/sign.js +++ b/sign.js @@ -5,7 +5,7 @@ exports.default = async function(configuration) { ) { console.log(`[*] Signing file: ${configuration.path}`) require("child_process").execSync( - `azuresigntool sign ` + + `azuresigntool sign -v ` + `-kvu ${process.env.SIGNING_VAULT_URL} ` + `-kvi ${process.env.SIGNING_CLIENT_ID} ` + `-kvt ${process.env.SIGNING_TENANT_ID} ` +